Thanks Acede for the clarification. Please share info if other protocols such as ISIS or BFD have a significant advantage by having different authentication types for MD5 and HMAC_SHA2.
Thanks, Vinayaka G On Thu, Feb 16, 2023 at 10:52 PM Acee Lindem <[email protected]> wrote: > Hi Gun, > > RFC 2328 defined type 2 to generically refer to all cryptographic > authentication types. Given that the key-id implies both the specific > authentication algorithm and the key, I don’t see that this is a problem or > that using different OSPF authentication types would have provided any > significant advantage (unless you’re an attacker and MD5 is being used) > > Thanks, > Acede > > > On Feb 16, 2023, at 7:15 AM, Gun Vinayaka <[email protected]> wrote: > > > > Hi ALL, > > > > As per RFC 2328 for OSPFv2 authentication type 2 is used for > cryptographic authentication wherein keyed MD5 was mentioned. > > > > Same authentication type is used for HMAC-SHA2 family algorithms > mentioned via RFC 5709. > > > > For ISIS authentication type varies between MD5 and HMAC-SHA2 family. > The same case applies to BFD as well (different authentication types are > used for keyed-MD5, keyed SHA etc..). > > > > If other protocols such as ISIS and BFD have a different authentication > types for MD5 and HMAC-SHA for what reason OSPF has to use same > authentication type for MD5 and HMAC-SHA2 family. > > > > Thanks, > > Vinayaka G > > > > _______________________________________________ > > Lsr mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/lsr > >
_______________________________________________ Lsr mailing list [email protected] https://www.ietf.org/mailman/listinfo/lsr
